Gameover Zeus-Background on the Badguys and the Backends

The Intelligence unit of Fox IT, a security firm based in Delft, Netherlands, recently issued an in-depth report on the Zeus crime network. They will give a presentation on the report at the upcoming Black Hat conference in Las Vegas.

You can access the full report at:

The report provides excellent insight into the mastermind, actors, technology, and methods (MITM) of the Zeus operation, which reportedly skimmed over $100 million from financial firms beginning in 2009.  This may very well be the Internet Salami technique that I have been warning about in my event and client presentations - stealing small amounts of money under the radar across a wide range of victims.  Who worries over the small stuff these days?  Individually, a victimized company may not be motivated to invest the time and energy to investigate a reported small, inexplicable loss.  Collectively, it adds up to a lot of money for the perpetrator.  Note, however, that the report indicates that large transactions were also executed.  The attacks were made largely against victims in Georgia, Ukraine, and Turkey.

Keep an eye out for the "green glow" in your online financial transactions (representing use of an Extended Validation SSL Certificate). Unfortunately, there is no such indicator on mobile apps, so be afraid, be very afraid.

by Brian Cummings

